Spyware (sometimes also known as adware or thiefware) is one of the fastest growing computer security problems today. Enterprises, Internet service providers and home users are all vulnerable to spyware, which installs itself on computers, executes thereon, gathers information about the computer and its user(s) and transmits this ill-gotten information back to a central repository (e.g., a spyware home server).
Commercial software exists today which detects known spyware on computers by scanning for identifying signatures. Such software then eliminates detected spyware. However, spyware is often quite sophisticated, and contacts home servers not only to send its stolen information, but also to update itself by downloading newer versions. Not only can the newer versions be more effective at gleaning information, but they can also be engineered to spoof scanning software. Some spyware is so well engineered that it continues to download newer versions from its home server with altered binary layouts, and thus remains undetected by signature based detection systems.
What is needed are methods, systems and computer readable media for preventing spyware from communicating to its home servers, thereby preventing both the theft of information and the updating of the spyware itself. It would also be desirable for the methods, systems and computer readable media to be able to identify computers that are infected with spyware.